As sports betting ramps up and fans are eager for any ticket or merchandise deals, the number of phishing attempts rise as hackers target large sporting events like the Super Bowl to make a big score.
Consumers and companies should be prepared for a wide range of scams to occur around the Super Bowl since this is one of the big annual events cybercriminals target, Chris Pierson, CEO of BlackCloak, an Orlando, Fla.-based digital executive protection company that consults for Fortune 500s, told TheStreet.
A multitude of opportunities allow cybercriminals to leverage this event in order to “con consumers out of money and personal information,” he said.
Cyber criminals focus on events like the Super Bowl because of the increased visibility for financial, political or other purposes, Darren Guccione, CEO at Keeper Security, a Chicago-based provider of zero-trust and zero-knowledge cybersecurity software, told TheStreet.
"A successful cyber attack related to the Super Bowl will garner more media coverage than an attack at a standard company – as well as the pool of potential victims," he said. "The large numbers of people in attendance create a wealth of personal data that cybercriminals can target. The potential entry points for threat actors have increased exponentially in recent years as the Super Bowl and its surrounding events continue to expand their digital footprint."
Avoid Phishing Scams
The majority of the scams will boil down to phishing attacks ranging from email to text messages and messaging apps like WhatsApp to social media, collaboration tools such as Slack, video conferencing and even livestreaming services.
“Phishing attacks are evolving rapidly and we’re seeing them spread to almost every type of digital platform or service you can imagine,” Pierson said.
Cyber criminals are always one step ahead and have embraced new open source artificial intelligence tools like ChatGPT, AI image creators and deepfake apps to “make their phishing attacks much more convincing,” he said.
What is alarming is that these tools can help overseas scammers avoid language mistakes, create highly realistic fake photos, clone a person’s face or voice to better impersonate them, Pierson said.
The top phishing scams to expect for the Super Bowl are:
- Fake online sellers of NFL merchandise and memorabilia will be one of the biggest scams to watch out for. "Consumers should be wary of too good to be true prices and discounts on these items," he said. "If you pay for these items, don’t expect to receive anything. You will be ripped off."
- Fake offers for Super Bowl tickets, hotel rooms and special after-the-game events. "These offers are very likely to circulate on social media and may be offered by fake brokers or fake fans who claim they can no longer attend and need to sell fast," Pierson said.
- Lookout for NFT scams as these are increasingly common and the Super Bowl is an ideal time. "They will promise one-of-a-kind Super Bowl moments, players, memorabilia, etc...," he said. "Scammers will also claim fake partnerships with players, teams or related agencies to give the NFT offer more prestige."
- Bulk SMS phishing scams that target specific area code phone numbers (Arizona, Philadelphia, Kansas City) with fake cancellation, overcharge or fraud alert messages should also be expected.
Sports Betting a Target
As the number of states that legalize sports betting rise, both legal and illegal sports betting are "likely to be a hotbed of fraud and scams," Alex Hamerstone, advisory solutions director at TrustedSec, a Fairlawn, Ohio-based ethical hacking and cyber incident response company, told TheStreet.
The amount of revenue that is generated from sports betting is high, which attracts cyber criminals since the amount of profit scammers can receive is likely significant.
Watch Out for Counterfeit Merchandise
The number of scams being launched by fraudsters is immense. Expect counterfeit merchandise with people selling unlicensed merchandise online and others who will offer goods and accept payment but never send any goods, Hamerstone said.
During periods of high interest and traffic in the lead up to the Super Bowl, watch for indicators of fraud as you are consuming content to avoid being a target of a criminal.
Free online betting, discounted food delivery services and even cut-rate tickets are all valid opportunities that can be "co-opted by attackers seeking to infiltrate the web traffic and transactions of viewers," Jack Danahy vice president of strategy and innovation at NuHarbor, a Colchester, Vermont-based cybersecurity services company, told TheStreet.
"Prior to responding or clicking on any advertisement via email, social media, or even text message, users should always double-check the authenticity of the identity of the sender," he said.
As AI and new research techniques gain in popularity, these tools are simplifying the creation of realistic messages.
"Block questionable sources of email and texts and ignore ads placed on popular sites and services like Facebook, Instagram and even LinkedIn, unless their legitimacy can be absolutely confirmed," Danahy said. "While these defensive behaviors are always recommended, the furor and noise of a big event creates the type of confusion that cyber criminals hope for."